If you have an eCommerce Magento site, then CAPTCHA will surely help you to protect the site from spamming by bots and other malicious players. This article describes how to add CAPTCHA protection to your Magento site.
# Steps to enable CAPTCHA protection for the administration login page
Magento 2 and 1.9 allows you to add CAPTCHA protection for the administration login page, but it is disabled by default. So, enable the CAPTCHA protection for the administration login page, perform the following steps :
For Magento 2
1) Using your administrator account login to Magento.
2) On the left-hand sidebar, identify and click on Stores.
3) Go to Settings and under it click on Configuration.
4) Now click on ADVANCED and then click on Admin.
5) After that click on CAPTCHA.
6) In the list box to Enable CAPTCHA in Admin, select Yes. After this, additional configuration options will appear :
• In the list box for Font, select the font that you want to appear in the CAPTCHA.
• In the Forms box, select the form that you want to protect. Here you have the authority to select the administrator login page and the page that appears when a user click on the Forgot your password? link on the login page.
• If you want to appear CAPTCHA always on the login page, then in the Displaying Mode list box, select Always. Alternatively, if you wish CAPTCHA to appear only after a specific number of failed login attempts, then select the After number of attempts to login.
• You can also use the remaining configuration options to change the CAPTCHA’s appearance and functionality.
7) Click on Save Config.
For Magento 1.9
Perform the following steps to enable CAPTCHA protection for the administration login page on Magento 1.9 :
1) Using the administrator account log in to Magento.
2) On the top menu bar, click on System and then on Configuration.
3) On the left side in the Configuration pane, scroll down to the page and identify Advanced, under it click on Admin.
4) Now click on CAPTCHA.
5) In the list box to Enable CAPTCHA in Admin, select Yes. After this, additional configuration options will appear :
• In the list box for Font, select the type of font that you want to appear in the CAPTCHA.
• In the box for Forms, select the forms that you want to protect. Here you have the authority to select the administrator login page and the page that appears when a user clicks on the Forgot your password? link on the login page.
• If you want the CAPTCHA to always appear on the login page, then in the Displaying Mode list box, select Always. Alternatively, if you wish to appear CAPTCHA only after a specific number of failed login attempts, then select After number of attempts to login.
• You can also use the remaining configuration options to change the CAPTCHA’s appearance and functionality.
6) Click on Save Config.
# Steps to add CAPTCHA protection to the contact us page
You can not only protect the administration login page but can also protect the Contact Us page. The Contacts Form CAPTCHA extension is free and allows you to do so.
Note :
CAPTCHA protection to contact us page applies to Magento 1.9 and older versions only. Magento 2 doesn’t support it yet.
The Contacts Form CAPTCHA uses Google’s reCAPTCHA service. Before installing the Contacts Form Captcha in Magento, you first need to sign up for a Google reCAPTCHA account if you do not already have one. You can do this by visiting – https://www.google.com/recaptcha.
Perform the following steps to add CAPTCHA protection to the contact form of your Magento site :
1) Through your web browser visit the Contacts Form Captcha page at
http://www.magentocommerce.com/magento-connect/contacts-form-captcha.html
• Click on Install Now.
• Select the Magento Connect 1.9
• After it, tick the checkbox for I agree to the extension license agreement and then click on Get Extension Key.
• Click on Select Key, and copy the text in the text box.
2) As an administrator login to your Magento site.
3) On the menu bar at the top, click on System. After this under Magento Connect, click on Magento Connect Manager.
4) Now under the Install New Extensions section, go to the Paste extension key to install text box, and paste the extensions key that you have obtained in step 1. Click on Install.
5) Once Magento Connects completes the downloading of extension, click on Proceed.
6) Click on Refresh. Under the Manage Existing Extensions section, you should see contactsformcaptcha in the list of extensions.
7) At the top of the page click on Return to Admin.
8) Click System present on the top menu bar and then click on Contacts.
9) On the left side of the Configuration pane, under General, click Contacts.
10) Click Contacts Form Captcha :
• In the list box for Enable Captcha, select Yes.
• In the text box for Public Key, type your Google reCAPTCHA site key.
• In the text box for Private Key, type your Google reCAPTCHA secret key.
• In the list box for reCaptcha Theme, select the theme that you wish to use for the CAPTCHA interface.
• In the list box for reCaptcha Language, select the language that you want to use for the CAPTCHA interface.
11) Click on Save Config.
12) Using your web browser visit the Contact Us page. You can see that the CAPTCHA appears above the SUBMIT button.
That’s it!
Also Read :
How to reset the password for Magento admin panel?
